Data Protection & Privacy

Cybercrime and IT security are currently top of the list of concerns for most Risk teams.

The Data Protection Act 1998 is long overdue for updating, given the fast moving pace of the subject matter. The EU General Data Protection Regulation (‘GDPR’) was adopted on  27 April 2016 and was intended to apply directly within the UK by 25 May 2018, after a two year transition period. Given the Brexit position, it may be that some of the detail of GDPR may change. What seems certain however, is that most, if not all of the changes will still apply in essence if the UK wants to be considered as providing equivalence.

All our partners have additional qualifications in Data Protection.  We provide specialist online and face to face training on Data Protection for professional firms and our Cybercrime online course; Phishing for Trouble covers up to the minute Cybercrime threats.

We are able to advise you on issues such as these:

  • What do we need to do to prepare for the GDPR?
  • Someone has sent us what looks like a Subject Access Request. What do we have to send her and when?
  • What rights do our clients and staff have, in relation to their data? How long can we keep it?  What can we use it for?
  • Are law firm client files regarded as data?
  • What do we need to tell our clients before we collect their data? What should we put in our Terms of Business?
  • What steps must we take to safeguard the data we hold?
  • The senior partner has lost his laptop. Do we need to tell the Information Commissioner’s Office (ICO)?
  • Can we send marketing messages or make sales calls? Can we use cookies?
  • What steps do we need to take to prepare for the forthcoming EU General Data Protection Regulation?
  • Can we send data abroad? Can we store it in the Cloud?
  • Can we install CCTV on our premises?
  • What steps must we take to control a company that processes data on our behalf, e.g. payroll company, or confidential waste management agent?
  • Do we need to register with the ICO?


  • 18 . 04 . 2018 SRA proposals for PII reform – are there any winners? | JLT SRA proposals for PII reform – are there any winners? | JLT

    First published here.

  • 29 . 03 . 2018 Risk Update March 2018 Risk Update March 2018

    Demolition job: SRA Consultation on Professional Indemnity Insurance (PII)-Challenging opponents’ legal costs-What is integrity?-General Data Protection Regulation-Conflicts of Interests and Confidentiality-AML-Non-disclosure agreements

  • NEXT EVENT Liverpool Law Society – Compliance Conference 2018 Liverpool Law Society – Compliance Conference 2018 Location: Liverpool Law Society, 2nd Floor, Helix, Edmund Street, Liverpool, L3 9NY Start: May 23, 2018 RECENT NEWS